IT Providers Stew Over Big Data Privacy Regulation

By John K. Higgins
Apr 18, 2014 3:57 PM PT

With the emergence of the Big Data era, technology developers see major benefits in the ability to manage huge volumes of information. However, with an onslaught of data breaches such as the recent hacking of the Target retail chain, consumers and their representatives in government are increasingly nervous about bigger threats to privacy.

"The immense volume, diversity and potential value of data will have profound implications for privacy, the economy and public policy," John Podesta, counselor to President Obama, said in January when he was tapped to lead a White House review on the impact of IT and privacy.

The purpose of the initiative was to examine "how Big Data will affect the way we live and work," and "how public and private sectors can spur innovation and maximize the opportunities and free flow of this information while minimizing the risks to privacy," Podesta said.

As part of that effort, the White House set up a formal program to accept public comment on a number of issues it planned to explore in the Big Data review. In addition, the administration set up an interactive public portal to invite input under WhiteHouse.Gov/BigData.

Existing technologies already pose significant threats of disclosing personal information -- and the emergence of Big Data simply compounds the problem, according to the Center for Digital Democracy.

"While today's Big Data-driven landscape may appear to be a recent development, it is really the consequences of historical trends in data processing, the growth of digital platforms, and the evolution of the commercial online marketing model," CDD executive director Jeff Chester said in comments to the White House Office of Science and Technology, which is conducting the Big Data review.

Consumers Unaware of Data Practices

The CDD listed several current practices it views as potentially dangerous -- and more so as Big Data techniques evolve. These involve the creation of a central repository known as a "data management platform" that can provide a person's financial data, social media usage pattern and demographic details, which are then offered to commercial interests.

Another is the creation of discrete geospatial tiles that pinpoint a consumers' whereabouts. Particularly disturbing to CDD is that such information is collected and used without the consumer's awareness or consent.

However, comments submitted to the OSTP from several IT groups reflected considerable concern about increased federal regulation that could impede innovations in electronic commerce. The Software & Information Industry Association, for example, cited many benefits of the technology.

"Big Data carries tremendous opportunities, ranging from empowering consumers with the full landscape of information they need to make optimal energy decisions to enabling civil engineers to monitor and identify at-risk infrastructure, to informing more accurate predictions of natural disasters," SIIA noted, referencing an earlier OSTP report.

A major benefit of Big Data is that "larger data sets and more affordable analytical techniques increasingly enable greater insights and create greater value for organizations and individuals," SIIA said. Another key element is that "in addition to finding answers to specific queries, Big Data analysis allows insights that could not be anticipated empirically or theoretically before the analysis took place."

The government should "proceed cautiously" in addressing Big Data policy issues so as to ensure the technology can develop productively, SIIA recommended.

"Whenever policymakers conduct a policy review of a rapidly evolving new development like Big Data, we fear that a rush to develop new policies could stifle innovative outcomes and threaten broad public benefits," David LeDuc, senior director for public policy at the Software & Information Industry Association, told the E-Commerce Times.

Privacy Danger Overstated

Specifically on the privacy issue, SIIA noted that "the vast majority of Big Data is not personal or sensitive data, and the vast majority of new insights generated from Big Data analysis do not rely on personal information."

The perceived threat to privacy from Big Data is overstated, according to the
Technology Policy Institute, a research organization supported by major e-commerce companies such as Amazon, Experian, Google and Verizon.

"There is no evidence at present that Big Data used for commercial and other non-surveillance purposes have caused privacy harms," TPI concluded, citing its own December 2013 report.

"In fact, the proliferation of Big Data in recent years does not appear to have increased identity fraud and or data breaches. Since 2005, the overall incidence of identity fraud has been relatively flat and the total dollar amount of fraud has fallen -- from an average of US$29 billion for 2005-2009 to $19 billion for 2010-2013," TPI president Thomas Lenard said in comments to the OSTP.

While the decline in fraud values doesn't exonerate Big Data as a possible contributing cause to the breaches that have occurred, "my point is that when one looks at the currently available data on identity theft and breaches, there is no evidence that the growth of Big Data has contributed to an increase in identity fraud or data breaches," Lenard told the E-Commerce Times.

Since the perceived potential harm from Big Data is essentially speculative, the potential benefit to consumers that would result from regulation is equally speculative and could impede the development of technology, according to TFI.

Given the lack of evidence related to harmful impacts, "particularly in a new market such as the electronic use of information, it is much more likely that uninformed regulation will stifle innovation rather than provide net benefits," Lenard said.

Study Will Need to Assess Claims

However, privacy advocates remain unconvinced that Big Data poses few concerns for consumers.

"The data brokerage business model relies on one thing -- collecting more and more increasingly personal consumer data. The notion that they have, or will, voluntarily move away from their intrusive practices when millions of dollars are at stake is seriously misguided," Joy Spencer, associate director at CDD, told the E-Commerce Times.

"Privacy concerns are not overstated, because on a daily basis the rights of consumers are being chipped away with little transparency or accountability," she said.

The issue of consumer privacy remains a high visibility item for both business and government. Earlier this month, the Senate Homeland Security and Governmental Affairs Committee held a hearing on data breaches and personal privacy.

Committee Chairman Tom Carper, D-Del., noted that "as we embrace the latest technology both at home and in the workplace, there is little doubt that more of our sensitive personal information is at risk of being compromised."

The hearing provided an opportunity for the business sector to describe "common sense solutions that the private sector can undertake proactively without the help of Congress," Carper said.

After considering the comments it received, as well as related information from several other forums, the White House is scheduled to complete its review by April 30.

John K. Higgins is a career business writer, with broad experience for a major publisher in a wide range of topics including energy, finance, environment and government policy. In his current freelance role, he reports mainly on government information technology issues for ECT News Network.